[SDBUG] Authorization problem on email server

Gregory Sutter gsutter at zer0.org
Sat Jul 8 19:12:56 PDT 2006 

On 2006-07-08 18:45 -0700, Gregory Sutter <gsutter at zer0.org> wrote:
> On 2006-07-08 14:33 -1000, Al Plant <webmaster at hawaiidakine.com> wrote:
> >
> > FreeBSD 6.1
> > I have installed sendmail imap and pop3. I  tried installing dovecot. I 
> > can still send from the admin at hdk5.net user to anywhere on the inet. 
> > However, I get a bad authentication passwd err for the same user when I 
> > try to download his mail.
> > The server box has ssh and I can get onto it with the password assigned 
> > with no problem. Doesn't the dovecot use the same account passwd for the 
> > account? Or do I have to enable ssl to use the ssh passwrd system which 
> > is encrypted? I just left ssl off to run unencrypted for testing.
> 
> The (/usr/local/etc/)dovecot.conf file controls how dovecot handles
> authentication.  Look for the auth_userdb and auth_passdb settings.
> Also check the links referred to in the comments in that config file.

Also, using your system password file and PLAIN authentication over
your unencrypted test setup is not a good idea.  SSL!

Here's my dovecot.conf for reference.  Note that with the
default_mail_env below, postfix has to be set with the
  home_mailbox = Maildir/
to match.

$ egrep -v "^#" dovecot.conf | egrep -v "^$"
base_dir = /var/run/dovecot/
protocols = imaps pop3s
ssl_disable = no
ssl_cert_file = /etc/ssl/certs/imapd.pem
ssl_key_file = /etc/ssl/private/imapd.pem
ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
ssl_parameters_regenerate = 23
disable_plaintext_auth = yes
login_dir = /var/run/dovecot/login
login_chroot = yes
login = imap
login_user = dovecot
login_processes_count = 16
login = pop3
verbose_proctitle = yes
first_valid_uid = 1000
last_valid_uid = 1999
first_valid_gid = 0
valid_chroot_dirs = /var/mail
default_mail_env = maildir:~/Maildir
client_workarounds = oe6-fetch-no-newmail outlook-idle outlook-pop3-no-nuls
maildir_copy_with_hardlinks = yes
auth = default
auth_mechanisms = plain
auth_userdb = passwd
auth_passdb = passwd
auth_user = root
auth_verbose = yes

-- 
Gregory S. Sutter                       Nothing is so smiple that
mailto:gsutter at zer0.org                 it can't get screwed up.
http://zer0.org/~gsutter/ 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: not available
Url : http://lists.sdbug.org/pipermail/sdbug/attachments/20060708/d2565c42/attachment.bin

More information about the SDBUG mailing list